One non-compliant system can be the weak link in your security armor. In this video, you’ll learn about non-compliant systems and how to protect your network against these bad apples.
<< Previous Video: Spoofing Next: Windows Security Settings >>
When systems are deployed in an organization, the IT department has had a chance to perform testing and to make sure that these systems are going to work properly for the organization. However, once these devices are deployed, it’s a challenge to be able to manage the device and make sure that it stays in compliance.
We also have the concern that someone may bring in a third-party device and plug it into our network, which would certainly be a case of a device being non-compliant. These tested and approved systems are commonly referred to as standard operating environments, or SOEs. If someone is deploying a desktop or a laptop to someone in the organization, then they’re commonly building an SOE.
Of course, managing the SOE is also a challenge for the IT department. They have to make sure that all of the applications stay up to date, that all of the operating patches are installed. And they have to test all of those patches to make sure that they work with all of the software used in the organization. Once all the checks are performed and everyone knows that these applications are working properly, that particular device can be upgraded to the latest version of the SOE.
Fortunately, there is software that can allow the IT department to constantly monitor these systems to make sure they stay in compliance. You can combine this with the network visibility you would get from devices such as a next-generation firewall to be able to see what applications are really flowing across the network. And it’s not uncommon to perform scans and compliance checks when someone logs into the network to make sure that the system is really one that belongs to the organization and that all of the software on that system is up to date with the latest SOE. If these scans show that this system is not in compliance, a message can be shown to the user that can help guide them through the process of bringing this system back into compliance.